moby: Containers get duplicate bridged IPs after docker daemon is restarted
Description We are encountering containers with duplicate bridged IP addresses. This occurs when the docker daemon is restarted while containers remain running, as the docker daemon will begin handing out the same IP addresses to new containers.
Steps to reproduce the issue:
- start a couple of containers
- restart the docker daemon
- start a couple more containers
Describe the results you received: The containers started after the docker daemon restart are given the same IP address as the already running containers.
Describe the results you expected: The containers started after the docker daemon restart should get unique IP addresses.
Additional information you deem important (e.g. issue happens only occasionally):
Before restarting the docker daemon
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "a6452e05c0654362670f81b448c6bd9172ce90d5993d7d0c21a5439484d45747",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.16.35.1/24",
"Gateway": "172.16.35.1"
}
]
},
"Containers": {
"1f95533c5dd7d065db14f01a73990e68c6cfa1c58d759274436dfde391f91479": {
"Name": "thing1",
"EndpointID": "01142a5dcfaea4fd9c0a285faf144c88c8c6740506d7debab0bc3d387f458e8b",
"MacAddress": "02:42:ac:10:23:02",
"IPv4Address": "172.16.35.2/24",
"IPv6Address": ""
},
"20bc5a8a85003161e3ad0af4e5bc0e668b0b64cab7645757098241c91bbbb604": {
"Name": "thing2",
"EndpointID": "9b45180d6f9a6e877e3cc1b483637c039c5e54cebe74658d4d04adfde5da8e34",
"MacAddress": "02:42:ac:10:23:03",
"IPv4Address": "172.16.35.3/24",
"IPv6Address": ""
},
"71fc924c7ad8fc5f552991a64f924b39d1100c75c8133342cb7087d63bc2e56c": {
"Name": "thing3",
"EndpointID": "7ed97bc62eccf341cb17dd5fc681ac3ac713e31a49d6047fe3b14f11813b5107",
"MacAddress": "02:42:ac:10:23:04",
"IPv4Address": "172.16.35.4/24",
"IPv6Address": ""
},
"f42c9c8095a9392ea1f556ef4ebd0a0dc28a53f9e8e2ed192ed315f84a3d1251": {
"Name": "jolly_elion",
"EndpointID": "d3a90ce26c98e1b8115ea01244434ca91f9ceaa17b0abf97679916887f646140",
"MacAddress": "02:42:ac:10:23:05",
"IPv4Address": "172.16.35.5/24",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "false",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1450"
}
}
]
Then after restarting the docker daemon:
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "a6452e05c0654362670f81b448c6bd9172ce90d5993d7d0c21a5439484d45747",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.16.35.1/24",
"Gateway": "172.16.35.1"
}
]
},
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "false",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1450"
}
}
]
Then after starting a new container:
core@iseb00303 ~ $ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "a6452e05c0654362670f81b448c6bd9172ce90d5993d7d0c21a5439484d45747",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.16.35.1/24",
"Gateway": "172.16.35.1"
}
]
},
"Containers": {
"ca506f31c40e1b11d9d876c4b46b031aeef22b16d22bbd08c9b5843006921036": {
"Name": "tiny_hawking",
"EndpointID": "0e9a5566e27b3325b23ba246996569ff40ada126cc3f04b787c07b5268db98d8",
"MacAddress": "02:42:ac:10:23:02",
"IPv4Address": "172.16.35.2/24",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "false",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1450"
}
}
]
Meanwhile, all containers from both before and after restarting the daemon are still up.
Output of docker version:
Docker version 1.12.0, build 8eab29e
Output of docker info:
Containers: 21
Running: 7
Paused: 0
Stopped: 14
Images: 412
Server Version: 1.12.0
Storage Driver: overlay
Backing Filesystem: extfs
Logging Driver: journald
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: overlay bridge host null
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: seccomp
Kernel Version: 4.5.0-coreos-r1
Operating System: CoreOS 1010.1.0 (MoreOS)
OSType: linux
Architecture: x86_64
CPUs: 24
Total Memory: 141.6 GiB
Name: iseb00303
ID: ECKH:TYVA:7CPL:TRPP:OYPP:GRDW:VN2S:KTDB:XNYA:S77A:CQY3:JWFI
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Insecure Registries:
127.0.0.0/8
Additional environment details (AWS, VirtualBox, physical, etc.): Observed on physical servers, and in AWS.
About this issue
- Original URL
- State: closed
- Created 8 years ago
- Comments: 18 (11 by maintainers)
I have this issue (duplicate IPs after restarting docker daemon) on CentOS 7.3.1611,
live-restore option is enabled: